0

I am getting the windows user id from the java file and passing it to in the web application. then I want to fetch the corresponding role of the user from the database and needs to be set. I tried this with spring security but not getting the proper answer.

enter image description here

I have referred the below tutorial https://www.mkyong.com/spring-security/spring-security-form-login-using-database/ from that, I removed the password field and I tried only with username field. but it is not working.

<beans:beans xmlns="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans
    http://www.springframework.org/schema/beans/spring-beans.xsd
    http://www.springframework.org/schema/security
    http://www.springframework.org/schema/security/spring-security.xsd">



    <!-- enable use-expressions -->
    <http auto-config="true" use-expressions="true">
        <intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />

        <!-- access denied page -->
        <access-denied-handler error-page="/403" />
        <form-login 
            login-page="/login" 
            default-target-url="/hello" 
            authentication-failure-url="/login?error" 
            username-parameter="username"
            password-parameter="password" />
        <logout logout-success-url="/login?logout"  />
        <!-- enable csrf protection -->
        <csrf/>

         <intercept-url pattern="/login/**" access="permitAll" />
        <intercept-url pattern="/**" access="isAuthenticated()" />  
    </http>




    <!-- Select users and user_roles from database -->
    <authentication-manager>
        <authentication-provider>
         <password-encoder ref="bcryptEncoder"/>
            <jdbc-user-service data-source-ref="ds"
                users-by-username-query=
                    "select username,password, enabled from users where username=?"
                authorities-by-username-query=
                    "select username, role from user_roles where username =?  " />
        </authentication-provider>
    </authentication-manager>

    <beans:bean id="bcryptEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />


</beans:beans>

I don't want to use 'users-by-username-query' in an authentication provider. I want to execute only 'authorities-by-username-query' and set the role. role table also same in the tutorial.

Please guide me on this topic.

Karthick Anbazhagan
  • 353
  • 2
  • 9
  • 27
  • Did you check [this](https://stackoverflow.com/questions/53158262/login-with-only-username-in-spring-security) out? – Jason May 31 '19 at 06:43
  • I had checked that. I was doing these things in XML format. when I remove password field, authentication was getting failed – Karthick Anbazhagan May 31 '19 at 06:46
  • @Jason my actual intention is to get the client id(windows user id) but i am not getting proper guidance. you can check [https://stackoverflow.com/questions/56237153/get-client-user-idwindows-login-id-in-spring-without-browser-login-authenticat] this link. – Karthick Anbazhagan May 31 '19 at 06:51
  • so now I will run the java file in the client system and pass his/her user id to the application. then i have to refer the user id with database and assign the role. – Karthick Anbazhagan May 31 '19 at 06:55

0 Answers0